Merge remote-tracking branch 'origin/maint-0.2.2'

Conflicts:
	configure.in
	src/or/circuitbuild.c

2 files changed, 17 insertions, 0 deletions

diff --git a/changes/bug3894 b/changes/bug3894
new file mode 100644
index 0000000000..4c2220aba8
--- /dev/null
+++ b/changes/bug3894
@@ -0,0 +1,4 @@
+  o Build fixes:
+    - Clean up some code issues that prevented Tor from building on older
+      BSDs.  Fixes bug 3894; reported by grarpamp.
+      
diff --git a/changes/replay-firstpart b/changes/replay-firstpart
new file mode 100644
index 0000000000..f4a7767fb1
--- /dev/null
+++ b/changes/replay-firstpart
@@ -0,0 +1,13 @@
+  o Minor features (security):
+
+    - Check for replays of the public-key encrypted portion of an
+      INTRODUCE1 cell, in addition to the current check for replays of
+      the g^x value.  This prevents a possible class of active attacks
+      by an attacker who controls both an introduction point and a
+      rendezvous point, and who uses the malleability of AES-CTR to
+      alter the encrypted g^x portion of the INTRODUCE1 cell.  We
+      think that these attacks is infeasible (requiring the attacker
+      to send on the order of zettabytes of altered cells in a short
+      interval), but we'd rather block them off in case there are any
+      classes of this attack that we missed.  Reported by dvorak.
+